Regarding ports opening for patching client machine in DMZ.

Similar Messages

• DC making query to port 53(udp) on client machines

  After some network troubleshooting with our network engineers it was noticed that the domain controllers were trying to make connections to port 53(udp) on client machines. There is nothing in DNS that would suggest there is a reason for this. Is this normal
  behavior? Has anyone else run in to this?
  Thanks

  Hi,
  I have been experienced if I disable the IPV6 on some DC, the port 389 will can’t be accessed, please confirm your IPV6 settings.
  The related KB:
  How to use Portqry to troubleshoot Active Directory connectivity issues
  http://support.microsoft.com/kb/816103/en-us
  How to configure a firewall for domains and trusts
  http://support.microsoft.com/?scid=kb%3Ben-us%3B179442&x=19&y=10
  Support for IPv6 in Windows Server 2008 R2 and Windows 7
  http://technet.microsoft.com/en-us/magazine/2009.07.cableguy.aspx
  Hope this helps.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• What TCP/UDP ports need to be open for VPN Client version 4.8?

  What TCP/UDP ports need to be open for Cisco VPN Client version 4.8 to work?
  Thanks,

  Normally, you need the following ports and protocol :
  UDP 500
  UDP 4500
  ESP
  In case, you are using IPSec over TCP you have to open, TCP port 10000 or any other port you want to use for IPSec connections (Its configurable).
  -Kanishka

• EBS forms not opening in Linux client machine

  Hi all,
  In our network some client machines are linux (redhat 4) and when we access the EBS (11.5.10) thru browser (Mozilla firefox) , it works until clicking icon for forms.
  There is no java applet opening. What should we do invoke oracle apps forms.
  regards
  ravi

  There is no jinit for Linux. You need to configure the Linux instance to open the 1.5.0 sun java plugin that you have installed on your Linux client machine.
  The resolution is in the link provided by hsawwan:
  Go to $APPL_TOP/admin, and in sid_host.xml ($CONTEXT_FILE),
  replace
  <sun_plugin_ver oa_var="s_sun_plugin_ver">1.4.2_04</sun_plugin_ver>
  with
  <sun_plugin_ver oa_var="s_sun_plugin_ver">1.5.0_13</sun_plugin_ver>
  Then run autoconfig.
  Or cd to $OA_HTML/bin and edit appsweb_sid_host.cfg:
  Search for the lines:
  ; 4a) Sun JDK Plugin Parameters
  ; These parameters define the Sun's java plug-in to be used
  sun_plugin_mimetype=application/x-java-applet;jpi-version=1.4.2_04
  sun_plugin_classid=clsid:CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA
  sun_plugin_url=http://host.domain:port/OA_HTML/oajinit.exe
  sun_plugin_version=1.4.2_04
  sun_plugin_legacy_lifecycle=false
  change the 1.4.2_04 entries to 1.5.0_13
  sun_plugin_mimetype=application/x-java-applet;jpi-version=1.5.0_13
  sun_plugin_classid=clsid:CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA
  sun_plugin_url=http://host.domain:port/OA_HTML/oajinit.exe
  sun_plugin_version=1.5.0_13
  And bounce apache and forms server.
  This way, WIndows users still open with Jinitiator. This change has no effect for Windows users.

• How to Enable Remote services using the GPO for the Client Machines

  How to enable remote Access services on Client machines using the Group Policy. After enable how to access with out switching the users  remote as administrator

  Hi,
  If you use windows server 2003, we can refer to the following link to enable remote access services on Client machines using the Group Policy:
  Enable or disable Remote Desktop
  http://technet.microsoft.com/en-us/library/cc727977(v=WS.10).aspx
  If you use windows server 2008 and later version, we can refer to the following link to enable remote access services on Client machines using the Group Policy:
  How to Enable or Disable Remote Desktop via Group Policy Windows 2008
  http://social.technet.microsoft.com/wiki/contents/articles/4980.how-to-enable-or-disable-remote-desktop-via-group-policy-windows-2008.aspx
  After you enable
  Allow users to connect remotely using Remote Desktop Services policy setting, users who are members of the Remote Desktop Users group on the target computer can connect remotely to the target computer by using Remote Desktop Services.
  So if you want users to access computer remotely, you need add users as members of the Remote Desktop Users group on the target computer.
  About how to add users to the Remote Desktop Users group, please refer to the following link:
  Configure the Remote Desktop Users Group
  http://technet.microsoft.com/en-us/library/cc743161.aspx
  Best Regards,
  Erin

• Multiple port opened for one db connection.

  My java standalone server connects to sql server via MS sql JDBC driver(v 2.2). I saw so many port in Time_wait state to the db server in netstat. I did some search on the internet, found that this the nature of TCP/IP protocol. and we can live with it without modifying Windows config.
  however, I noticed on my side, there are two ports involved for each database connection. I think this is one of the reasons I have so many ports in Time_wait state.
  To me, it seems like the request to db server is done on one port, the response from db server is done on another port. is this implemented on JDBC driver layer or on sql server?
  please help !!!

  I saw so many port in Time_wait state to the db server in netstat. This suggests that you are not using any type of connection pooling, but instead are opening and closing connections pretty quickly, although it depends on what you mean by "many"; 10 or 100 might be a good number for a busy system, depending on your application. On some operating systems under high load, it could potentially be a problem if you are getting into many hundreds or thousands, but other issues usually drive people to using connection pools long before this issue would.
  however, I noticed on my side, there are two ports involved for each database
  connection. I think this is one of the reasons I have so many ports in Time_wait state.Not really. That might double the number, but the real reason is a lot of connection closes (real connection closes, not closes on a pooled connection).
  To me, it seems like the request to db server is done on one port,
  the response from db server is done on another port.
  is this implemented on JDBC driver layer or on sql server?That is totally up to the driver vendor; there's nothing you can do about it.
  please help !!!I'm not sure what you're problem really is - you might be worrying about something that isn't a problem. Is something bad happening that you're trying to fix, or did you just notice these expiring ports and start worrying about them?

• Keep a Socket Server connection/port open for incoming requests

  Hi,
  I have a socket server which listens to the incoming messages. The problem is that the socket server terminates the socket connection once it receives a message.
  I want this Socket server to keep on running and process all the requests it receives.
  Can you please advise which stream shall be kept open for this to be achieved? Below is the code for your reference.
  Thanks!
  import java.net.*;
  import java.io.*;
  public class SocketServer
       public static void main(String[] args) throws IOException
               ServerSocket serverSocket = null;
               String result = null;
               SocketServer sockServer = new SocketServer();
               try
                        serverSocket = new ServerSocket(4444);
               catch (IOException e)
                        System.exit(1);
               Socket clientSocket = null;
               try
                    clientSocket = serverSocket.accept();
                        clientSocket.setSoTimeout(30000);
               catch (IOException e)
                    System.exit(1);
               PrintWriter out = new PrintWriter(clientSocket.getOutputStream(), true);
               BufferedReader in = new BufferedReader(new InputStreamReader(clientSocket.getInputStream()));
               String inputLine;
               inputLine = in.readLine();
               if((inputLine == null) || (inputLine.length() < 1))
                        throw new IOException("could not read from request stream");
               else
                        result = sockServer.parseString(inputLine);
                        out.println("|0|OK|");
            InputStream is = null;
                FileOutputStream fout=null;
                BufferedInputStream bufIn = null;
                HttpURLConnection con = null;
                ByteArrayOutputStream baos = null;
                  try
                 URL url = new URL("http","10.176.96.64",8080,result);
                 con = (HttpURLConnection)url.openConnection();
                 is = con.getInputStream();
                 bufIn = new BufferedInputStream(is);
                 fout=new FileOutputStream("Z:\\Clips\\Cache\\"+result);
                 baos = new ByteArrayOutputStream();
                 int c = bufIn.read();
                 while(c != -1)
                      baos.write(c);
                      c = bufIn.read();
                 baos.writeTo(fout);
            catch(MalformedURLException mue)
                 System.err.println ("*********In Download File: Invalid URL");
            catch (IOException ioe)
                 System.err.println ("*********In Download File: I/O Error - " + ioe);
            finally
                 try
                      baos.close();
                      bufIn.close();
                      fout.close();
                      is.close();
                      con.disconnect();
                 catch(Exception ex)
                      System.out.println("*********In Download File: Exception Occured: "+ex.toString());
                    out.close();
                    in.close();
                    clientSocket.close();
                    serverSocket.close();
  }

  In a truly unexpected turn of events.. this question has been crossposted.
  http://forum.java.sun.com/thread.jspa?threadID=5127579
  Good job singalg. I highly recommend that instead of accepting that there is anything wrong with your understanding of how this should work and reviewing the tutorials you should instead repost this question daily, Each day choosing a different forum.

• Need alternative port open for VIPs on ACE

  My ACE is almost completely configured - with VIPs, farms, real servers, redirects etc. Port 80 and 443 are working as expected and web requests are getting routed appropriately.
  The need has arisen however, to allow a non-traditional port to be allowed/open to certain websites (to certain VIPs). (As some background - this is an SFTP style client based connection. ) 
  My ACL configuration is open - ip any any - but i even created one specific to this port number. (let's just say it's 7777 for now). I've done captures on the firewall to make sure that traffic from external requests is getting through it, and when I try to connect to the real server address (either NATed or internally), it connects just fine. I am unable to see the connection attempts in the logging on the ACE and the error message that the client app gets is "connection refused"
  I'm not good with policy maps or class maps, so I'm not sure if that's where I need to be looking. I suppose that the issue is at the VIP level though since the server IPs work fine, so I need to understand what gets processed via that IP that doesn't via the others.
  So if I currently have websites on the ACE configured to accept, redirect, and loadbalance for port 80 and 443, but I now need them to do the same on port 7777, what changes need to be applied and where?
  I can paste any config info if someone can help me. Thanks.

  Good afternoon,
  This new port would be a completely new VIP, so, you would need to create a new class-map for it.
  Daniel

• Ports opening for aMule

  Hi all.
  I have been reading all posts but no solution found for opening ports when using aMule. I have a PC which works fine and gets high Id when connecting to eMule. I have installed aMule for mac and when launching this app. a message appears telling me that port "xx", or any other has no chance to get opened :"port #x not available", no matter which port I try with. I mean: PC works fine with the same router than Mac does not.
  Thanks in advance. (I am a rookie in Mac).
  P.S: I forgot mentioning that firewall (Mac) was yet disabled.
  Message was edited by: anseso

  Be sure your firewall settings are correct (System Preferences > Security > Firewall > Advanced).
  Do not use the "Block all incoming connections" setting.
  Use the "Automatically allow signed software to receive incoming connections" setting.
  "Enable stealth mode" is optional.

• Email Port Open for ASA5505

  Hi all ;
  Just posted a question that when I want to let email to come through the ASA5505 from outside to DMZ and Inside network, are the below command lines correct and good enough?
  access-list  outside_DMZ extended permit tcp outside-network-ip dmz-network-ip eq imap4
  access-list outside_DMZ extended permit tcp outside-network-ip dmz-network-ip eq pop3
  access-list outside_DMZ extended permit tcp outside-network-ip dmz-network-ip eq smtp
  access-list outside_inside extended permit tcp outside-network-ip inside-network-ip eq imap4
  access-list outside_inside extended permit tcp outside-network-ip inside-network-ip eq pop3
  access-list outside_inside extended permit tcp outside-network-ip inside-network-ip eq smtp
  access-group outside_DMZ in interface outside
  access-group outside _inside interface outside
  Are there any other TCP ports want to be allowed and other command lines need to be added?
  Thanks!
  Regards,
  tangsuan

  Hi Jcarvaja :
  Thanks for your reply!
  1. For inside to outside, I have used a dynamic nat as below :
  nat (inside) 20 192.168.100.0 255.255.255.0
  global (outside) 20 192.168.50.171-192.168.50.180
  As such, it should be not necessary for static one to one from inside to outside, right?
  2. For dmz to outside, I use the static nat and so each individual mapped IP is need to create. For example :
  static (dmz,outside) 192.168.20.x 192.168.50.x netmask 255.255.255.255
  whereby 192.168.20.x is host at outside network and 192.168.50.x is at dmz network. This will be ok, right?
  3. As for the ACL, I can group all the hosts (servers or stations) at dmz and inside and applied one ALC as below :
  access-list Email_in extended permit tcp object-group Outside_Network object-group hosts_dmz_inside eq smtp
  access-list Email_in extended permit tcp object-group Outside_Network object-group hosts_dmz_inside eq pop3
  access-list Email_in extended permit tcp object-group Outside_Network object-group hosts_dmz_inside eq imap4
  Let me know is it any problem, thanks!
  regards,
  tangsuan

• Slooooow file opening (for a new machine) - why?

  I've recently upgraded my OS to Win7 & I'm running a quad core 2.8Ghz on an Intel SSD drive, 8GB RAM, 64-bit system, 1GB Graphics RAM, 5GB available RAM in photoshop.
  Problem is, when opening a batch of small 4x6's (300dpi), I'm seeing major hesitation between files (eg to open 8 jpg @ 1800x1200, it takes 6 seconds).
  This has me a little worried, as I commonly process batches of 50+ jpegs.
  I've disabled automatic creation of snapshots, updated Photoshop & I'm running the latest Graphics driver.
  The only thing I've noticed is that Open GL drawing gets disabled when I open more than 28 4x6's, and that my graphics card (EVGA 01G-P3-N964-LR GeForce 9600 GSO 1GB) is labelled in photoshop as a GeForce 9600 GSO 512 (I guess that's OK though as it's probably just an umbrella name for the drivers that work the card--the card is listed correctly in Control Panel in the GeForce controller)
  Any suggestions where to start looking for a fix?
  Thanks

  Are you using an external hard drive? Then this may help, it helped me. I was experiencing the same problem opening files as well as saving files - it was extremely slow. Open up 'Control Panel', then 'Device Manager', right-click on your external hard drive (under the 'Disk drives') and select 'Properties', then click on the 'Policies' tab. Select 'Better performance'. This made a huge difference in the opening and saving times of all my files.
  Good luck!

• Regarding Fucntion module for Labor and Machine times

  Dear all,
  Is there any fucntion module to get the labor and machine times when we give in material and plant.
  thanks
  J

  check the function
  SCOV_TIME_DIFF
  Import parameters               Value
  IM_DATE1                        2008-01-01
  IM_DATE2                        2008-01-01
  IM_TIME1                        10:00:00
  IM_TIME2                        11:30:00
  Export parameters               Value
  EX_DAYS                         0
  EX_TIME                         01:30:00

• Ports required to be opened for Financial Reporting Studio Client access

  Hi Everyone,
  What are the exact ports which are required to be opened between the client machines and the Report Server so that users are able to use the Reporting Studio. (I guess opening port 8200 only will not suffice, will it?)
  Thanks,
  Sayantan

  Sayantan,
  Chapter 15 of the Financial Studio Report documentation (http://download.oracle.com/docs/cd/E10530_01/doc/epm.931/fr_user.pdf) specifically pages 300 to 311 explain the default setup ports, the amount of Essbase ports required and such.
  JTS

• OS X Server files open as read only on client machines.

  Recently, users became unable to save changes to any file on our server or add any file to any folder on our server. The server folders and files are all opening as read only on the client machines. Currently, the users are all assigned to a group, we'll call it "companyusers", this group is granted full read/write access. On the Get Info dialog box for each file on the server, the group "companyusers" is accurately displayed under sharing and permissions with Read & Write privileges, however under the Get Info dialog box for each client machine, the group "companyusers" is non-existent. Only a name titled "(unknown)" and "everyone" is showing up. Any ideas on why the "companyusers" group is not showing up on the sharing and permissions section for the client machines?

  I think I found the fix. Looks like it works in my quick test.
  I read this post here:
  http://discussions.apple.com/thread.jspa?messageID=8278602&#8278602
  Basically in Server Admin, I went to the 'File Sharing Tab' at the top of the window
  Clicked on 'Share points'
  High-lighted my Share Point
  Below in the window, clicked on Share Point
  Clicked on Protocol Options...
  Clicked on SMB
  Clicked on Assign as Follows - and I made everything Read & Write.

• Firewall ports for appv client

  native Appv infrastructure. Apps are published using UNC.
  what ports should be open for the clients sitting behind the firewall?
  --- When you hit a wrong note its the next note that makes it good or bad. --- Miles Davis

  No, the client does not communicate with the App-V Management Server.
  Please remember to click "Mark as Answer" or "Vote as Helpful" on the post that answers your question (or click "Unmark as Answer" if a marked post does not actually
  answer your question). This can be beneficial to other community members reading the thread.
  This forum post is my own opinion and does not necessarily reflect the opinion or view of my employer, Microsoft, its employees, or other MVPs.
  Twitter:
  @stealthpuppy | Blog:
  stealthpuppy.com |
  The Definitive Guide to Delivering Microsoft Office with App-V